Bitcoin Core Upgrade 'Critical' for Everyone, Urge Developers in Bug Disclosure

Publié le by Cointele | Publié le

Mentionné dans cet article
Bitcoin Core developers published a "Full disclosure" of the vulnerability affecting several implementations of the Bitcoin client Friday, September 21, repeating calls for all nodes to upgrade to the latest version as a priority.

In addition to technical details about the bug, known as CVE-2018-17144, the disclosure explains how developers dealt with the threat to the Bitcoin network, along with a timeline of its discovery and patching in Bitcoin Core version 0.16.3.

"In order to encourage rapid upgrades, the decision was made to immediately patch and disclose the less serious Denial of Service vulnerability, concurrently with reaching out to miners, businesses, and other affected systems while delaying publication of the full issue to give times for systems to upgrade," the notice reads.

CVE-2018-17144 had spooked the Bitcoin technical community when an anonymous party reported it this week, with Bitcoin.org creator Cobra describing its potential impact as "Very scary."

"However, it still remains critical that affected users upgrade and apply the latest patches to ensure no possibility of large reorganizations, mining of invalid blocks, or acceptance of invalid transactions occurs."

The impetus to upgrade at the current time appears not to be shared unanimously, with Bitcoin Core developer Luke-jr subsequently claiming the update publication was "Premature."

" this is being disclosed way too prematurely, but the cat's out of the bag," he wrote on Twitter, nonetheless urging followers to upgrade "ASAP!".

x